﻿using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Data.SqlClient;

namespace BHXH_NT
{
    public partial class FrmAccount : Form
    {
        private string connectionString = global::BHXH_NT.Properties.Settings.Default.MISBHXH_NTConnectionString;
        public FrmAccount()
        {
            InitializeComponent();
        }

        private void FrmAccount_Load(object sender, EventArgs e)
        {
            GetDataforNhanVien();
        }
        private void GetDataforNhanVien()
        {
            SqlConnection conn;
            SqlDataAdapter daNhanVien;
            DataSet dsNhanVien;

            conn = new SqlConnection(connectionString);
            // 1. instantiate a new DataSet
            dsNhanVien = new DataSet();
            // 2. init SqlDataAdapter with select command and connection
            daNhanVien = new SqlDataAdapter("SELECT distinct User_Name(memberuid) As Name FROM Sysmembers", conn);
            // 4. fill the dataset
            daNhanVien.Fill(dsNhanVien, "NhanVien");
            cboNhanVien.DataSource = dsNhanVien.Tables[0];
        }

        private void btnChapNhan_Click(object sender, EventArgs e)
        {
            string queryString;
            if (CheckDataBeforeSave() == false) { return; }
            using (SqlConnection connection =
                  new SqlConnection(connectionString))
            {
                connection.Open();
                SqlCommand command = connection.CreateCommand();
                queryString = "Insert into NT_ACCOUNT(USERID,PASSWORD) values('" + cboNhanVien.SelectedValue + "','" + txtPass.Text + "')";
                command.CommandText = queryString;
                command.ExecuteNonQuery();
                
            }
            MessageBox.Show("CËp nhËt thµnh c«ng");

        }
        private bool CheckDataBeforeSave()
        {
            string queryString;
            if (txtPass.Text == "")
            {
                MessageBox.Show("NhËp Password");
                txtPass.Focus();
                return false;
            }
            if (txtConfirm.Text != txtPass.Text)
            {
                MessageBox.Show("X¸c nhËn kh«ng ®óng");
                txtConfirm.Focus();
                return false;
            }
            using (SqlConnection connection =
                   new SqlConnection(connectionString))
            {
                connection.Open();
                SqlCommand command = connection.CreateCommand();
                queryString = "exec sp_executesql N'SELECT User_Name(memberuid) As Name FROM Sysmembers "
                + "WHERE User_name(memberuid) = @P1 ', N'@P1 varchar(50)', '" + cboNhanVien.SelectedValue + "'";
                command.CommandText = queryString;
                SqlDataReader reader = command.ExecuteReader();
                if (reader.HasRows == false)
                {
                    MessageBox.Show("NhËp l¹i m· nh©n viªn");
                    cboNhanVien.Focus();
                    return false;
                }

            }
            using (SqlConnection connection =
                   new SqlConnection(connectionString))
            {
                connection.Open();
                SqlCommand command = connection.CreateCommand();
                queryString = "exec sp_executesql N'SELECT * FROM NT_ACCOUNT "
                + "WHERE USERID = @P1 ', N'@P1 varchar(50)', '" + cboNhanVien.SelectedValue + "'";
                command.CommandText = queryString;
                SqlDataReader reader = command.ExecuteReader();
                if (reader.HasRows == true)
                {
                    MessageBox.Show("M· nh©n viªn ®· tån t¹i");
                    cboNhanVien.Focus();
                    return false;
                }

            }
            return true;
        }

        private bool CheckDataBeforeUpdate()
        {
            string queryString;
            if (txtPass.Text == "")
            {
                MessageBox.Show("NhËp Password");
                txtPass.Focus();
                return false;
            }
            if (txtConfirm.Text != txtPass.Text)
            {
                MessageBox.Show("x¸c nhËn kh«ng ®óng");
                txtConfirm.Focus();
                return false;
            }
            using (SqlConnection connection =
                   new SqlConnection(connectionString))
            {
                connection.Open();
                SqlCommand command = connection.CreateCommand();
                queryString = "exec sp_executesql N'SELECT User_Name(memberuid) As Name FROM Sysmembers "
                + "WHERE User_name(memberuid) = @P1 ', N'@P1 varchar(50)', '" + cboNhanVien.SelectedValue + "'";
                command.CommandText = queryString;
                SqlDataReader reader = command.ExecuteReader();
                if (reader.HasRows == false)
                {
                    MessageBox.Show("NhËp l¹i m· nh©n viªn");
                    cboNhanVien.Focus();
                    return false;
                }

            }
            using (SqlConnection connection =
                   new SqlConnection(connectionString))
            {
                connection.Open();
                SqlCommand command = connection.CreateCommand();
                queryString = "exec sp_executesql N'SELECT * FROM NT_ACCOUNT "
                + "WHERE USERID = @P1 ', N'@P1 varchar(50)', '" + cboNhanVien.SelectedValue + "'";
                command.CommandText = queryString;
                SqlDataReader reader = command.ExecuteReader();
                if (reader.HasRows == false)
                {
                    MessageBox.Show("Password ch­a nhËp");
                    cboNhanVien.Focus();
                    return false;
                }

            }
            return true;
        }

        private void btnThoat_Click(object sender, EventArgs e)
        {
            this.Close();
        }

        private void btnChangePass_Click(object sender, EventArgs e)
        {
            string queryString;
            if (CheckDataBeforeUpdate() == false) { return; }
            using (SqlConnection connection =
                  new SqlConnection(connectionString))
            {
                connection.Open();
                SqlCommand command = connection.CreateCommand();
                queryString = "Update NT_ACCOUNT set PASSWORD = '" + txtPass.Text + "'" 
                + " where USERID = '" + cboNhanVien.SelectedValue + "'";
                command.CommandText = queryString;
                command.ExecuteNonQuery();

            }
            MessageBox.Show("CËp nhËt thµnh c«ng");
        }

        
    }
}
